Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Qbik WinGate 错误传送行为漏洞
Vulnerability Description
WinGate是一款广为使用的多协议代理服务器程序。 Qbik WinGate,当透明拦截信号模式被激活时,运行HTTP Host页眉来决定远程终点,这会允许远程攻击者可以借助能造成客户端发送具有一个修改过的主机页眉的HTTP请求的一个特制的web页,绕过Flash, Java, Silverlight以及其他技术的访问控制,并可能与受限的企业内部网交流。
CVSS Information
N/A
Vulnerability Type
N/A